26 matches found
CVE-2023-53940
Codigo Markdown Editor 1.0.1 contains a code execution vulnerability that allows attackers to run arbitrary system commands by crafting a malicious markdown file. Attackers can embed a video source with an onerror event that executes shell commands through Node.js childprocess module when the fil...
CVE-2023-53940 Codigo Markdown Editor 1.0.1 Electron Arbitrary Code Execution via Markdown File
Codigo Markdown Editor 1.0.1 contains a code execution vulnerability that allows attackers to run arbitrary system commands by crafting a malicious markdown file. Attackers can embed a video source with an onerror event that executes shell commands through Node.js childprocess module when the fil...
CVE-2023-53940
CVE-2023-53940 affects Codigo Markdown Editor 1.0.1 (Electron). The vulnerability arises from handling of markdown files where an embedded video source with an onerror event can trigger arbitrary shell commands via Node.js child_process, enabling code execution when the file is opened. Public ind...
Codigo 代码注入漏洞
Codigo is a Markdown editor by the individual developer Alfonz Montelibano. A code injection vulnerability exists in Codigo version 1.0.1, which stems from the ability to execute arbitrary system commands that could lead to remote code execution...
EUVD-2009-4662
Malware in sbrugna...
CVE-2025-10012 Portabilis i-Educar educar_historico_escolar_lst.php sql injection
A security vulnerability has been detected in Portabilis i-Educar up to 2.10. The impacted element is an unknown function of the file educarhistoricoescolarlst.php. Such manipulation of the argument refcodaluno leads to sql injection. The attack can be executed remotely. The exploit has been...
MAL-2025-17439 Malicious code in como-espiar-whatsapp-sin-codigo-qr (npm)
The package como-espiar-whatsapp-sin-codigo-qr was found to contain malicious code...
Malicious code in como-espiar-whatsapp-sin-codigo-qr (npm)
The package como-espiar-whatsapp-sin-codigo-qr was found to contain malicious code...
CVE-2025-8919
A vulnerability was determined in Portabilis i-Diario up to 1.6. Affected is an unknown function of the file /objetivos-de-aprendizagem-e-habilidades of the component History Page. The manipulation of the argument código/objetivo habilidade leads to cross site scripting. It is possible to launch...
CVE-2025-8919 Portabilis i-Diario History objetivos-de-aprendizagem-e-habilidades cross site scripting
A vulnerability was determined in Portabilis i-Diario up to 1.6. Affected is an unknown function of the file /objetivos-de-aprendizagem-e-habilidades of the component History Page. The manipulation of the argument código/objetivo habilidade leads to cross site scripting. It is possible to launch...
CVE-2025-8919 Portabilis i-Diario History objetivos-de-aprendizagem-e-habilidades cross site scripting
A vulnerability was determined in Portabilis i-Diario up to 1.6. Affected is an unknown function of the file /objetivos-de-aprendizagem-e-habilidades of the component History Page. The manipulation of the argument código/objetivo habilidade leads to cross site scripting. It is possible to launch...
CVE-2025-8919
Portabilis i-Diario (History Page component) up to version 1.6 is affected by a cross-site scripting vulnerability in the /objetivos-de-aprendizagem-e-habilidades file. The issue arises from manipulation of the código/objetivo habilidade parameter in an unknown function of the History Page, allow...
PT-2025-33059 · Portabilis · Portabilis I-Diario
Name of the Vulnerable Software and Affected Versions: Portabilis i-Diario versions prior to 1.7 Description: A cross-site scripting issue exists in Portabilis i-Diario due to manipulation of the código/objetivo habilidade argument within an unknown function of the...
Testes de Codigo Elevation of Privilege Vulnerability
Testesdecodigogratis Testes de Codigo is a mobile application from Testesdecodigogratis in Portugal that provides users with driver's license learning. A security vulnerability exists in Testes de Codigo 11.4 and prior that allows an attacker to tamper with the Boolean values of the parameters...
CVE-2021-25648
Mobile application "Testes de Codigo" 11.4 and prior allows an attacker to gain access to the administrative interface and premium features by tampering the boolean value of parameters "isAdmin" and "isPremium" located on device storage...
Design/Logic Flaw
Mobile application "Testes de Codigo" 11.4 and prior allows an attacker to gain access to the administrative interface and premium features by tampering the boolean value of parameters "isAdmin" and "isPremium" located on device storage...
CVE-2021-25648
CVE-2021-25648 affects the mobile app Testes de Codigo (versions 11.4 and prior). The issue allows an attacker to gain access to the administrative interface and premium features by tampering the Boolean flags isAdmin and isPremium stored on the device, effectively enabling privilege escalation w...
PT-2021-16726 · Unknown · Testes De Codigo
Name of the Vulnerable Software and Affected Versions: Testes de Codigo versions 11.4 and prior Description: The issue allows an attacker to gain access to the administrative interface and premium features by tampering with the boolean value of parameters isAdmin and isPremium located on device...
Testesdecodigogratis Testes de Codigo 安全漏洞
Testesdecodigogratis Testes de Codigo is a mobile application from Testesdecodigogratis in Portugal that provides users with driver's license learning. A security vulnerability exists in Testes de Codigo 11.4 and prior that allows an attacker to tamper with the Boolean values of the parameters...
Cross site scripting
Mobile application "Testes de Codigo" v11.3 and prior allows stored XSS by injecting a payload in the "feedback" message field causing it to be stored in the remote database and leading to its execution on client devices when loading the "feedback list", either by accessing the website directly o...